apache + mod_ssl - no response from https://localhost

[cca93014]

Hi,

I've built apache + mod_php + mod_ssl. PHP is working fine. libssl.so is built, and living in /etc/apache/extramodules - file size is 161284 bytes.
I added the following into the apache.conf file:

LoadModule php4_module extramodules/libphp4.so
LoadModule ssl_module extramodules/libssl.so

...

AddModule mod_php4.c
AddModule mod_ssl.c

I have edited the /etc/conf.d/apache file to uncomment the line:

APACHE_OPTS="-D SSL -D PHP4"

The server keys have been created and are living in /etc/apache/conf/ssl.
I can start apache, and standard port 80 works fine. ps -ef shows 6 instances of:

/usr/sbin/apache -D SSL -D PHP4

BUT when I try browsing to https://localhost/

I get nothing - nada. There's nothing entered in the apache log files.

lynx https://localhost

returns:

Looking up localhost
Making HTTPS connection to localhost
Alert!: Unable to connect to remote host.
lynx: Can't access startfile https://localhost/

Anyone got any ideas?

[nitro322]

First of all the obvious: can you connect to http://localhost? If so, then how did you start apache? I haven't tested it yet with Gentoo, but when compiling Apache w/ mod_ssl from source, you need to start it with 'apachectl startssl' in order for it to work. Maybe a similar problem?

[cca93014]

Hmmm. It does work on standard unencrypyed port 80 yeah. Interestingly, when I run:

/usr/sbin/apachectl --help

it doesn't have startssl as one of the options.

I installed the apps in the following order:

1: apache
2: mod_php
3: mod_ssl

Does this matter? I'm 99% sure that "ssl" was in the USE variable at the time...Is there a way of checking what the current USE variable is set to?

[Sykus]

i also have this problem. i emerged apache mod_ssl mod_php mysql at the same time. everything works perfectly except ssl. i've also done everything cca93014 has done regarding post compilation

[rac]

Do you have the following lines at the end of /etc/apache/conf/apache.conf?

[Sykus]

no i did not, will try out now.

edit: rac is now my god thanks!

[mathew]

I've raised bug 6075, to have this fixed in the Desktop Documentation Guide.

[Sykus]

looks like your bug was prematurely closed, and gives instructions that did not work on my system for mod_php or mod_ssl. bugzilla is taking forever to send my password so i can reply though.

edit: correction, bugzilla is just plain not sending my password. oh well, i was gonna reopen the bug and post post this:

it did not add the lines when i did the ebuild config as instructed. it also did not add the lines for mod_php when i did the ebuild config for it.

i had to add the lines manually, after rac's advice.

[zentek]

Now here is a good one !!
I was reading tru the posts and found that i have about the same problem

PHP is working for me do ( just had to put the proper line in apache.conf )

But mod_ssl wont work. The ssl server startup properly ( netstat -ln show a listening socket on 443 ) but the Fr**king page wont be displaid when i check the logs for problem i have this:

------
[error]mod_ssl: Unable to create a new SSL connection from the SSL context (OpenSSL library error follows)
[error] OpenSSL: error:140BA0C3:SSL routines:SSL_new:null ssl ctx
------

Its probably a stoopid newbie error, i mostly missed something. So O linux guru i begg your pardon

Please point me out the solution if you know it.

[cerb]

look here: https://bugs.gentoo.org/show_bug.cgi?id=6075
_________________
Linux is a wigwam - no Windows, no Gates, Apache inside

[squanto]

I did what I was supposed to to get apache and mod_ssl installed.
If I run apache without the -D SSL part, it runs fine, but when using the -D SSL part apache doesn't even show up with the command ps -ef.

Sometimes I get this output:

[rac]

Always fun to post in threads where people have previously confused you with various deities. squanto, it sounds like somehow your mod_ssl has entered two sets of configuration info for itself, and eliminating that would probably be a good first step. Can you try looking in /etc/apache/conf for ssl-related things that look like they're duplicated?
_________________
For every higher wall, there is a taller ladder

[squanto]

OK, since I have looked everywhere I can think of, I am just going to nuke anything to do with mod_ssl.
A question though, would openssl interfere with mod_ssl, or are they a part of eachother?

-Andrew

ps, where is Japanifornia?

[rac]

[squanto]

OK, I unmerged and then remerged apache and mod_ssl, and then uncommented the APACHE_OPS line so that mod ssl and mod php would be started.
When I start apache, I don't get any errors now, but I can't connect to my webserver and ps -ef doesn't show anything related to apapche running.

I am following the desktop setup guide, on a PPC Gentoo 1.4 stage 3 install.

Any help?

this is what I get when I do cat /var/log/apache/ssl_engine_log

[rac]

Anything in /var/log/apache/error.log?
_________________
For every higher wall, there is a taller ladder

[squanto]

[rac]

mod_ssl is not getting loaded. The banner line in error.log should read something like

[squanto]

[synnix]

hey i was just reading on how to fix this and noticed a config file in /etc/apache/conf/vhost/ssl.default-vhost.conf was included in the apache.conf.

Inside /etc/apache/conf/vhost/ssl.default-vhost.conf there is a line that is commented out that defines what hostname mod_ssl should respond to. Set this to all the hostnames that you want mod_ssl to be on and uncomment it and it should work fine.

This works because mod_ssl just sets up a virtual host that uses the mod_ssl module.

Hope this helps some people out.

[squanto]

Well, something got fixed in an ebuild somehow, cause I just emerged new apache mod_php php mod_ssl and it works now.
Not sure why, but thanks for the help
Now to learn how to use php ssl and mysql all together

[ixion]

[ixion]

chroot /www /apache/bin/httpd -l reports this:
Compiled-in modules:
http_core.c
mod_vhost_alias.c
mod_env.c
mod_define.c
mod_log_config.c
mod_mime_magic.c
mod_mime.c
mod_negotiation.c
mod_status.c
mod_info.c
mod_include.c
mod_autoindex.c
mod_dir.c
mod_cgi.c
mod_asis.c
mod_imap.c
mod_actions.c
mod_speling.c
mod_userdir.c
mod_alias.c
mod_rewrite.c
mod_access.c
mod_auth.c
mod_auth_anon.c
mod_auth_dbm.c
mod_digest.c
mod_proxy.c
mod_cern_meta.c
mod_expires.c
mod_headers.c
mod_usertrack.c
mod_unique_id.c
mod_so.c
mod_setenvif.c
mod_ssl.c
mod_php4.c
mod_ssl.c
suexec: disabled; invalid wrapper /apache/bin/suexec

First of all, what's the suexec error mean? And secondly, notice that mod_ssl is loaded twice? Could this be a problem?
_________________
only the paranoid survive

[Hideki]

You may not like it if you don't want to put applications not through emerge, but if you download the source of apache, download source of php and read installation manual with apache2 on php.net to get them both working first, then emerge openssl and read instruction on creating certificates(somewhere below the middle of the page) at Apache-SSL using openssl, it works just fine.

Also it seems easier to configure apache in this way, and you can get to run Apache2

[ixion]

does that all work in a chroot by following their directions? I have not been doing any of this through emerge. I've been doing everything from source. I don't mind compiling from source one bit, and I also don't mind using the older apache.
_________________
only the paranoid survive